Computer users keep large amounts of data, such as personal information, financial information, and proprietary business data, on their computers. Users often consider much of that data private, i.e., they do not wish others to access it. One way to control access to the data is to control access to the computer itself. However, as users travel, they may wish to access some of that private data remotely. They wish such remote access to be as secure as possible so that the data is not viewed by anyone who has not been granted specific access. Currently, there are various systems and methods in place to allow a user to remotely and securely access data residing on one device from another device in a remote location.
For example, a user can store and access data using a variety of portable storage devices/media. Such devices can include USB thumb-drives, storage cards, portable hard disk drives, CD-ROMs, DVD-ROMs etc. However, storing the desired files on a portable device requires the user to synchronize any changes that occur, since changes made to a file on the portable device will not be reflected in the original file.
Additionally, if the portable device is lost or stolen, the data may become available to unauthorized users. It is possible to protect the data using various techniques. One technique is to encrypt the data on these devices and use a password to access the data. In order to be secure from decryption attacks, the passwords must be of a certain length and contain both numeric and alphabetic characters. However, the use of passwords requires user intervention for set-up. If the user forgets or misplaces the passwords, he will not be able to access the data thus protected. If the data is encrypted on the storage device using the password, it is possible that a user may not be able to access the data at all unless unencrypted copies of the data exist. Additionally, if a password is lost or stolen, the user must revoke the old password and establish a new one. This is onerous for many users.
Further, passwords may be easily bypassed by a determined attacker. For example, the passwords that are generated by the user at the computer keyboard can be tracked by key-logger software resident on the user's computer. The user may not even know that such software has been installed on their system. Given the problems described above, the use of passwords as a security measure for protecting data is thus not an optimal solution.
Alternate systems are also known for securing data. For example, biometric authentication verifies a user by capturing some physical characteristic, such as face recognition, voice recognition, fingerprinting, iris scanning etc, then using the captured characteristic to authenticate the user. Biometric authentication is rather secure, as the user must be present to access the data. However, this can be inconvenient, as the user who has set up the biometric identification must be present to allow other users to access the data. Besides, human characteristics are susceptible to changes over time. As technology progresses, these characteristics may also be counterfeited. Furthermore, biometric data authentication systems, and particularly portable biometric data authentication systems, can be very costly to implement.
It is also possible for users to access data on their systems using remote access software. Telnet is one widely available solution that allows users to access data remotely. A user at a remote location can log in to his home system using his identification (ID) and password. The problems associated with the use of passwords outlined above also apply to the use of passwords with remote access software. With these applications, besides remembering the password, the user must also remember his user ID as well.
An additional problem with Telnet is that it transfers all data unencrypted, i.e. as plain text. This means data transmission over the network is highly insecure. People who are determined to obtain the data can sniff out the data easily. One solution to this problem is the use of Secure Shell (SSH). SSH is a network protocol that allows data to be exchanged over a secure channel between two computers. Data encryption provides confidentiality and integrity of the data thus transmitted. SSH uses public-key cryptography to authenticate the remote computer and allow the remote computer to authenticate the user, if necessary. Reliable and secure exchange of the public key is a difficult problem to solve. If the public key is sent using the same channel as the data that is being exchanged, the public key can be subject to interception. If it is intercepted, it is possible intercept the data (the man-in-the-middle attack).
An additional problem with remote access software is that, in order to make the remote connections, the user may need to remember the internet protocol (IP) address of the host computer. As it is, remembering static IP addresses can be a problem for the users. For dynamic IP addresses, this problem is compounded.
A need therefore exists to provide a system and method to address one or more of the above problems.